H3C Technologies H3C S7500E Series Switches User Manual
Page 84
3-21
[Switch] dot1x
# Enable 802.1X for port GigabitEthernet2/0/1.
[Switch] interface gigabitethernet 2/0/1
[Switch-GigabitEthernet2/0/1] dot1x
[Switch-GigabitEthernet2/0/1] quit
# Configure the access control method. (Optional Because the default setting meets the requirement.)
[Switch] dot1x port-method macbased interface gigabitethernet 2/0/1
Verification
z
If the 802.1X client of Windows XP is used, the properties of the 802.1X connection should be
specifically configured in the Authentication tab on the Properties page, where you must select
the Enable IEEE 802.1X authentication for this network option and specify the EAP type as
MD5-Challenge.
z
If the H3C iNode client is used, no advanced authentication options need to be enabled.
When using the H3C iNode client, the user can pass authentication after entering username
dot1x@bbb and the correct password in the client property page. When using the Windows XP
802.1X client, the user can pass authentication after entering the correct username and password in
the pop-up authentication page. After the user passes authentication, the server assigns the port
connecting the client to VLAN 4.
Use the display connect command to view the connection information on the switch.
[Switch] display connection
Slot: 1
Index=22 , Username=dot1x@bbb
IP=192.168.1.58
IPv6=N/A
MAC=0015-e9a6-7cfe
Total 1 connection(s) matched on slot 1.
Total 1 connection(s) matched.
# View the information of the specified connection on the switch.
[Switch] display connection ucibindex 22
Slot: 1
Index=22 , Username=dot1x@bbb
MAC=0015-e9a6-7cfe
IP=192.168.1.58
IPv6=N/A
Access=8021X ,AuthMethod=CHAP
Port Type=Ethernet,Port Name=GigabitEthernet2/0/1
Initial VLAN=1, Authorized VLAN=4
ACL Group=Disable
User Profile=N/A
CAR=Disable
Priority=Disable